{"id":15790,"date":"2025-04-22T14:06:00","date_gmt":"2025-04-22T14:06:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/"},"modified":"2025-04-22T14:06:00","modified_gmt":"2025-04-22T14:06:00","slug":"gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/","title":{"rendered":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that&#8217;s based on Apache Airflow.<br \/>\n&#8220;This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which<a href=\"https:\/\/thehackernews.com\/2025\/04\/gcp-cloud-composer-bug-let-attackers.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that&#8217;s based on Apache Airflow. &#8220;This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":15791,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15790","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that&#039;s based on Apache Airflow. &quot;This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that&#039;s based on Apache Airflow. &quot;This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-04-22T14:06:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-04-22T14:06:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that&#039;s based on Apache Airflow. &quot;This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/google-ikX3FE.gif\",\"width\":728,\"height\":380},\"datePublished\":\"2025-04-22T14:06:00+00:00\",\"dateModified\":\"2025-04-22T14:06:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. \\\"This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/google-ikX3FE.gif\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/22\\\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-04-22T14:06:00+00:00\",\"dateModified\":\"2025-04-22T14:06:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. \"This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#blogposting","name":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/04\/google-ikX3FE.gif","width":728,"height":380},"datePublished":"2025-04-22T14:06:00+00:00","dateModified":"2025-04-22T14:06:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#listItem","name":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/","name":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. \"This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/04\/google-ikX3FE.gif","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-04-22T14:06:00+00:00","dateModified":"2025-04-22T14:06:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. &quot;This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-04-22T14:06:00+00:00","article:modified_time":"2025-04-22T14:06:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. &quot;This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account,"},"aioseo_meta_data":{"post_id":"15790","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-04-22 14:47:37","updated":"2025-10-15 14:43:21","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tGCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/22\/gcp-cloud-composer-bug-let-attackers-elevate-access-via-malicious-pypi-packages-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/15790","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=15790"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/15790\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/15791"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=15790"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=15790"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=15790"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}